Slashdot Mirror
Ready or Not, Here comes Windows XP SP2
TheViffer writes "Beginning April 12, 2005 Microsoft will remove all temporary blocking of Windows XP SP2 by automatic update and Windows update which it has granted to those organizations that requested it. So unless you run Software Update Service (SUS), chances are you will get a mix of SP1 and SP2 running at the same time. Let's just hope you have these programs that are known to experience a loss of functionality when they run on a Windows XP Service Pack 2-based computer and these programs that seem to stop working after you install Windows XP Service Pack 2 patched, upgraded, or removed. Might be a good time for help desk personal to pencil in a week (or two) of vacation."
In my humble opinion, this is a good thing. I run a decent sized IT shop, and I feel that not upgrading to SP2 is akin to connecting your computer/network to the internet without a firewall.
What does SP2 seriously add to the corporate desktop? Admittedly I haven't been in charge of windows desktops since Win2K, but I can't immediately see any advantage. Only support nightmares concerning the builtin firewall. Is a personal firewall really needed on every secretary's desk? I would hope not... they're not supposed to run any unauthorized services other than those required for remote control/remote software deployment.
Learn from the mistakes of others. There isn't enough time to make them all yourself.
Does anyone know if the appcompat system can be used to provide an XPsp1 (or earlier) environment *only* for apps that break in SP2?
:/
I'm asking both "if" it could be done, and whether it IS in fact an option if so.
That seems like a better solution, IMHO, than holding off on upgrading to SP2 forever, if it could be made to work. Of course, I don't think there's any easy way to centrally deploy or manage appcompat stuff, either...
Xentax
You shouldn't verb words.
You know... it's people like you that I would love to jam a broken bar dart deep into the canal of your best ear.
Most of the reasons for "Bloat", "Lax Security", and "Instability" are because of constant need to keep every version/update to Windows compatible with even the earliest versions. With this Service Pack, a bazillion people voiced out that they want security... even at the price of compatibility. Now you bitch. Had they done the same old thing, you would still bitch.
This post is simply an obvious attempt to grab some of those first post mod points. Thanks for wasting a few minutes of my life.
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
I guess that some apps could be affected by the built-in system in SP2, preventing apps from opening a LISTENing port on your machine. /.ers:
I know that you can let a program be allowed to open a listening server, but I would like to ask to the
do you have tried using it with the common P2P apps and google desktop? Do they work?
I'm worried to break something I regularly use....
667 The Neighbour of the Beast
I have tried several times to install XP SP2 on my girlfriend's laptop, but each time the laptop has rebooted once and then refused to boot again.
Booting into safe mode has allowed me to uninstall SP2 and restore the machine to a usable condition. I don't mind SP2, I just don't want to spend the time troubleshooting a failed install.
Even if Microsoft were to offer me free telephone support, it would still waste my time. It seems unfair to force users to accept upgrades that may very well cause their computer to cease functioning.
I have SP2 on my home PC with IE set to block all popups, but I seem to have more popups than ever.
Virtual PC - 2004 - Microsoft
When you run a Windows XP SP2-based virtual machine, it will perform slowly compared to a Windows XP SP1-based virtual machine."
Interesting that a Microsoft product has problem with their own Service Pack.
Ruby on Rails Screencast
(Granted, this is a trailing edge machine - VIA VA-503 / K6-III, but still daaaaamn!)
neato!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
"Yet you will willingly go out and get the latest Linux kernel, or the latest update of MacOS X without hesitation right?"
The parent said nothing of the kind.
"MS has given MONTHS (try almost 6 months) for people to do what needs to be done."
Given? MS sold an OS riddled with security problems. Those who wanted a fix had to wait a long time for it and the "fix" broke a boatload of functionality resulting in yet more cost for the customer. Those who don't want this mixed bag of code will now have it forced upon them, or be unable to use the update service that they have payed for. MS has "given" nothing but headaches. What "needs to be done" is for MS to deliver a quality product in the box. Their customers should not be their guinea pigs.
I work for a dsl isp. Phone support for losers who think that upgrading to XP is the fix to all their problems, and then only when there's the slightest ember of awareness in their brain that maybe win98 is causing all of their problems.
For me, SP2 is evil, no matter how you spin it. OSX users never have problems, I only maybe have to reset an email password for them once in awhile. PS2 users, if they have the correct numbers in, and it's not working, you know it's some sort of DSL issue. Routers, same thing. Only windows machines ever cause chronic, unsolvable problems.
You people remind me of serial killer groupies: "When will all the Ted Bundy bashing stuff end? He was a nice guy!".
The simplest program ever was a 0-byte file in IBM's MVS operating system. (That O/S had some utilities that could only be accessed by running a "program" - and to get the utility to run without actually doing anything ... well, the solution was a program that literally did nothing).
:).
The funny thing was, someone wrote a Problem Tracking Report (i.e. "Bug") about this, and had the MVS team change the program - the flaw was that the return code register was being set in the utility, but the 0=byte program was not copying this result code into it's own return register, so the program was returning a "success" evem when a failure had occurred.
We co-ops got a chuckle out of it because of the "bugs per line of code" calculation would have had a div-by-zero problem
Chivalry is not dead, it's just frequently misspelt. - M. Langley
One of my relatives works in a biochemical research lab. All of their computers are WinXP Sp1 because Sp2 basically broke every single program and driver they relied on for their daily calculations, data acquisition, and analysis (some of the software is commercial, and some was custom-written by people who are currently residing in Eastern Europe and Brazil). Naturally, every worm outbreak hits them hard -- but they think it's worth it to clean up a worm once every couple of months rather than struggle with their bread-and-butter programs locking up on Sp2.
Sp2 is great for the average Joe who uses his box for email and pr0n, but if you are using your computer as a scientific instrument, then installing Sp2 changes (and breaks) too many things.
(In case you are wondering, the reason they don't switch to Linux is that some of their data acquisition hardware doesn't have good Linux drivers)
I'm not an avid supporter of MS, but I believe that credit should be given when and where it is due. SP2 is a GOOD thing. Yes it breaks some things, but that is the price you pay for past mistakes. MS realized that they had 2 choices: 1) continue supporting a horribly flawed system 2) break the cycle, back up, fix the problems and start again. They made the daring choice to back up and start again. That is impressive for a company with a multibillion dollar product with 90% market share. It still isn't perfect, but I think that they know that. They're hoping that Longhorn will solve many of these problems. Maybe they're right, who knows though. At least they tried to help everyone out by fixing the product, giving people time to adopt and adapt, and are firm enough to stick to a schedule, knowing that the fix will only really help if EVERYONE is upgraded. KUDOS to MS. (Someone better take note of this moment, it may never happen again.)
Why doesn't anything interesting happen when I have mod points?
So why the heck they are putting those applications on their 'non-working' list? To show customers that 'their' alternative is working well but not the rivals? And most importantly, how on the earth a virus scanner cease working after a patch, what kind of security is that?
Servicepack 2 has been a big pain in the ass of almost everyone who has to do something with more then three PC`s, but its still the best thing from Redmond in years!
The reason, Microsoft has *never ever* gone though changes that would impede backwards compatability, even if such changes are the only way to fix a fundamental security oversights. For some reason the whole wintel world still hinges on backward compatability, eventhough lots of it could be done away with for years now. How many people still run dos software on systems that cant run better on a real emulator?
That is, until service pack 2.
And now after many years Microsoft has somewhat fixed some fundamental problems... thats nothing short of a miracle! Its not because these few changes are gonna make a lot of difference its because they prove microsoft finally "got it". Microsoft figured out it has to choose between backward compatability or killing the internet and their market as we know it though worldwide armies of zombies, spyware everywhere and spam traffic reaching the limitations of any mail server. These are just the problems you can see, god knows what people do who can both find a hole and erase a log file.... The bottom line is that there is only so much spyware and worms a normal user can put up with. this line is approaching rapidly for the majority of windows users. Is has been long past for some people who, luckly for microsoft, don`t have a clue how to move. Its hard to explain to people who do think about what they buy that they need exchange if all they get though it is spam and worms...
So... with every story of applications needing to be replaced (
*) Basicly its the DoD is asking for security certification, noone asks for stuff that is "not substantially less secure then older competition like VMS". Try this, walk into compusa and ask for a computer that allows you to write texts and send email but that doesn`t get "virusses"..... they will sell you a virus scanner! those didn`t work in the dos days for christ sake! Virus scanners were intended for the admins lucky enough to get a know virus to help them find and clean it, they had to infect many files to be able to stick around back then. Scanner were never intended to solve any problem.
sigh
How about complaining to Adobe if Photoshop CS still doesn't work correctly with SP2? It's not as if there hasn't been any time to correct any issues...
Life is like a sewer; what you get out of it depends on what you put into it...
Until the Windows 98-XP transition was completed there was no point. There is no way to make Win 98 secure, too much support for legacy systems. Sure you could do a firewall, but it would be too easy for a trojan to disable it. I don't think the stack protection scheme would work in Win-98.
We waited ten years for Apple to get its act together and finaly release OS-X and give us basic memory protection.
The hold up here is because there are a bunch of corporate IT departments who have not got arround to making XP SP2 deployment a priority which in turn is because many of them have a small number of apps that are not SP2 compliant.
All I use my machine for is Office, IE and Visual Studio. But I have to wait until they have checked out several hundred Oracle, Clarify etc. apps.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
(In case you are wondering, the reason they don't switch to Linux is that some of their data acquisition hardware doesn't have good Linux drivers)
Or mac drivers. Which sometimes drives me crazy. I work in a lab, too, and we have an image processing package which we use to make 3D anaglyphs from Z-series data acquired by a confocal optical microscope. A rep from Apple told me that they have tried to get the programmers to make a Mac OS X version of the package, and the programmers keep refusing, even though it's APPLE asking them to do it. I've requested one several times without success.
Given that there are crossplatform dev tools out there these days (RealBasic, which can be used for serious work as well as introduction to programming for new programmers, is an example -- it can compile for Windows, Mac, and Linux all) there's far less of an excuse for that these days. Write it once, compile it for everybody. And the executables are native -- no virtual machines required, so Java's slowness isn't a problem, for instance.
This application didn't even blink when it found itself running under SP2 one day -- just keeps on going and going.
i am a soviet space shuttle
Err... Perhaps you should advise your relative to suggest to HR to hire some competent admins. They can effectively seal the computers they use in their work from access from the outside world. All it takes is a protocol to communicate the results to the outside. Put a firewall in front of all those computers (preferably one that does NAT and protocol analysis), close every single port and protocol, then open only the one that passes the data through.
Then they wouldn't even need to patch those computers.
They could justify the expense of keeping these machines for data analysis only (i.e. as extra computers) by simply calculating the costs they incur with every worm/virus/etc cleanup.
In which case you desperately need a lawyer, a PR guy, and a new line of work, probably in that order.
I've heard loads of technically competent people say they've installed SP2/latest updates/etc. and not had a problem. For each two of them, I've heard at least one equally technically competent person tell me about at least a major software failure, and frequently the whole system being rendered inoperable and requiring a reinstallation. Just last week, my whole company backed out an official MS patch for WinXP that came in through automatic updates after we traced the sudden breaking of our Samba servers to that patch.
A slightly more secure system that doesn't run the tools I need to run is not an improvement over a slightly less secure system that runs the tools I need to run. Please understand this.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
SP2 is evil. It kills all the loopback ranges except 127.0.0.1. Very recent releases of SSL VPN programs like Nokia Secure Access System are unable to deliver most of their port-forwarding based resources. It would be nice if their was a way to shut off that protection!
God, Root, Whats the difference?
I just used group policy to fix a permissions glitch with a shared folder being needed by an application on (looks at statistics) 874 machines over 2 operating systems, 4 servers, all over one primary active directory domain and 2 subdomains.
Total time to repair problem: 7 minutes, plus 60 minutes tops to allow all machines to replicate (again, settable in group policy).
We deployed XPSP2 complete with a fix for a rather badly put together application we use. It took about the same amount of time, except it was scheduled to happen at midnight so there was no working downtime.
Tens to hundreds of desktops isn't a problem if they're set up properly.
How many people can read hex if only you and dead people can read hex?
I installed SP2 a couple months ago.
I already ran my own (software) firewall that did both ingress and egress filtering, along with running Firefox as a web browser.
SP2 hasn't done anything noticeable for me, except that the wireless network dialogs are a lot nicer.
I'll admit that the firewall drove me nuts for a bit: it was always popping up, telling me it was doing me a favor by blocking legitimate traffic. I ended up turning it off, but only because I had my own firewall already.
When I find myself using IE (infrequently), I do find that it'll now occasionally put a bar across the top informing me that it's barred various malware from installing itself. Between this and the firewall, SP2 is a very good thing for the average computer user, and is of little harm to those of us who already found something to do it.
________________________________________________
suwain_2